Re: Anti-Virus on Terminal Server 2003 POP3 email

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

If I understand you, you want a virus scanner that would be installed on the client machine to scan e-mail going to Outlook on the remote machine. That is, by definition, impossible. The connection to the remote machine is an encrypted stream of graphics, input commands, etc. Unless the user then copied the attachment to the local machine, the virus scanner would not see e-mail or attachments, just encrypted graphics that are used to draw them. If the user downloads the attachment, the scanner could scan it on reaching the local machine, but no earlier. If they ran it from the server, you'd be stuck.

What you need is an enterprise class virus scanner for the server that you run concurrently with the Outlook session and does POP3 e-mail scanning. The downside is that running scanners on the server can reduce performance; you'll need to do research to find the best options.

To reduce attack profile, you should probably make sure that your users are not given Administrative privileges on your TS. If they don't have Admin privileges, just normal User and Remote Desktop privileges, the damage potential for any given virus is dramatically reduced.

--
Josh Rosenberg [MSFT]
SDE - Terminal Services


"Julie" <julie@xxxxxxxxxxxxx> wrote in message news:ONFIAdOnHHA.1240@xxxxxxxxxxxxxxxxxxxxxxx
I've been looking into this and found a recent discussion
about this general topic here. However, I'm not sure
it applies to my situation so I'd like to ask a question.

We're installing a Terminal Server (Server 2003) on which
each remote user will use Outlook on the TS to retrieve
their email from a POP3 email server. There's no Exchange
Server here, so Scanmail isn't the answer.

Our main concern is scanning this email for viruses as it is
downloaded. Scanning of the data files and documents on the
server machine is not a concern for us.

Many of the client antivirus products perform this scanning
of messages as they are downloaded from a POP3 email
server, and we're looking for a product that will perform
this function for the TS remote users as they use their TS
Outlook to retrieve email.

Does anyone know what, if any, products behave this way?

Thanks.



.

Relevant Pages

  • Re: RPCH Over HTTP config
    ... "The client could not connect to the remote computer. ... See the link called "Configure your computer to use Outlook via the ... Small Business Server through the Internet ... profile configured for the server. ...
    (microsoft.public.windows.server.sbs)
  • SecurityFocus Microsoft Newsletter #152
    ... MICROSOFT VULNERABILITY SUMMARY ... Real Networks Helix Universal Server Remote Buffer Overflow ... ... NEW PRODUCTS FOR MICROSOFT PLATFORMS ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #140
    ... Cafelog b2 Remote File Include Vulnerability ... Webfroot Shoutbox Remote Command Execution Vulnerability ... Pablo Software Solutions Baby POP3 Server Multiple Connection... ... Microsoft Windows XP Nested Directory Denial of Service... ...
    (Focus-Microsoft)
  • Re: Remote Web Workplace option missing
    ... I believe this is a standard install. ... I am not sure what do you mean by "remote directory". ... Outlook Web Access ... The server has been running for close to an year. ...
    (microsoft.public.windows.server.sbs)
  • Re: Mailbox question: Emails show up in the user computer with Cache enabled but disappear from the
    ... The fix for this is to go to the remote PC and shut down Outlook. ... He/she can use the Outlook Folder List to drag the messages back into the Inbox. ... However, for this particular user, when the email is syncronized with the server, all emails disappear from the users mailbox on the Exchaneg Server. ...
    (microsoft.public.windows.server.sbs)